package cn.gjxblog.demo;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;

/**
 * 作用:基于资源的授权 Resource-Based Access Control
 * 作者:gjx
 * 版本:V1.0
 * 创建时间: 2018/7/26 8:42
 */
public class TestRBACByResources {

    public static void main(String[] args) {
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro-permission.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject subject = SecurityUtils.getSubject();
        //认证
        subject.login(new UsernamePasswordToken("libai","123456"));


        //用户授权检测
        //查询是否含有某个权限
        boolean permitted = subject.isPermitted("user:create");
        System.out.println(permitted);

        //查询当前用户是否同时含有多个权限
        boolean permittedAll = subject.isPermittedAll("user:create", "user:update");
        System.out.println(permittedAll);


    }
}
